Is Your Operating Procedure Meeting C/SCRM Requirements?
The U.S. Government identifies 4 "baseline requirements" related to Cybersecurity and Supply Chain Security which includes EO14028, NIST CSF V1.1, NIST IR 8276 and NIST 800-161r-1.
Additionally, the FCC is considering adding similar Cyber and Supply Chain Security requirements to programs such as the Enhanced Alternative Connect America Cost Model (A-CAM) program.
Alignment with C/SCRM Requirements
The Telecommunications Industry Association (TIA) has completed a detailed analysis of the C/SCRM baseline requirements and created a comprehensive interactive checklist based on its flagship SCS 9001™ Cybersecurity and Supply Chain Security Standard. This checklist is intended to help organizations determine whether their operating plans reflect the C/SCRM requirements.
- TIA’s new C/SCRM Checklist offers straightforward questions centering on baseline C/SCRM requirements simplified in ‘plain English’
- Answers to the questions are weighted and aggregated to create an overall rating
- A simple gauge is provided for an at-a-glance view of the aggregated checklist score
Sample Screenshot of Checklist
A GOOD or EXCELLENT rating can provide assurance that the organization’s cyber practicies reflect the C/SCRM.
The Checklist serves to simplify the main expectations of each baseline requirement using clear language. It is not designed to align with specific requirements or serve as an auditing tool for baseline conformance. For the highest level of assurance, an independent audit based on an industry-standard like TIA's SCS 9001 Supply Chain Security Management System is recommended.
To find additional resources for SCS 9001 Supply Chain Security Management System including training and information on certification, visit the SCS 9001 Supply Chain Standard page
